this post was submitted on 17 Jul 2023
421 points (88.6% liked)
I don't know much about PW security but would a passphrase of common words not be more susceptible to dictionary attacks?
The idea is that entropy is measured with possible words instead of possible characters. It turns out 7 7-bit ASCII characters have less entropy than 4 14-bit equivalent words (that is, the 16,384 most common ones). And that's in the ideal case that it's a totally random 7 characters.
Every attack is technically a dictionary attack here, but it doesn't help enough because the password to a computer is still 30 characters long. To a human it seems a lot easier than ")f1:.{yJCzNv]@R=S K$~=", though.
PS. Turning /dev/random output into 7-bit ASCII characters is surprisingly involved in Haskell. C would have been easier. This was the world's slowest ninja edit.
Thanks for the explanation, I remember the explanation in https://xkcd.com/936/ but wasn't sure how that held up for different attack methods.
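The comparison discussed in this thread, as an added Python example that is not part of any comment: it draws characters and words uniformly from OS randomness using rejection sampling, and computes the entropy of each scheme assuming the attacker already knows the scheme and the word list. The function names, the 95-character printable set and the eight-word `SAMPLE_WORDS` list are assumptions made for the illustration.

```python
import math
import os

# Constructed sample list for the demo; a real list would hold 16,384 words.
SAMPLE_WORDS = ["correct", "horse", "battery", "staple",
                "orbit", "lantern", "velvet", "quarry"]

def uniform_below(n, rand_bytes=os.urandom):
    """Uniform integer in [0, n) from raw random bytes, by rejection sampling.

    Taking `byte % n` would favour small values whenever n is not a power
    of two, so out-of-range draws are discarded and redrawn instead.
    """
    if n < 1:
        raise ValueError("n must be at least 1")
    nbits = max((n - 1).bit_length(), 1)
    nbytes = (nbits + 7) // 8
    mask = (1 << nbits) - 1
    while True:
        candidate = int.from_bytes(rand_bytes(nbytes), "big") & mask
        if candidate < n:
            return candidate

def random_printable(length, rand_bytes=os.urandom):
    """Random password over the 95 printable ASCII characters (0x20-0x7E)."""
    return "".join(chr(0x20 + uniform_below(95, rand_bytes))
                   for _ in range(length))

def random_passphrase(words, count, rand_bytes=os.urandom):
    """Passphrase of `count` words, each drawn uniformly and independently."""
    return " ".join(words[uniform_below(len(words), rand_bytes)]
                    for _ in range(count))

def entropy_bits(choices, length):
    """Entropy when the attacker knows the scheme and the list, not the draws."""
    return length * math.log2(choices)

if __name__ == "__main__":
    print(random_printable(7), "|", random_passphrase(SAMPLE_WORDS, 4))
    print("7 chars, 128 symbols:  %.1f bits" % entropy_bits(128, 7))
    print("7 chars, 95 printable: %.1f bits" % entropy_bits(95, 7))
    print("4 words, 16,384 list:  %.1f bits" % entropy_bits(16384, 4))
```

The entropy figures hold only when every character or word is drawn uniformly at random; a phrase a person picks themselves has less.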